McColo takedown: Internet self policing or vigilantism

McColo hosted a staggering variety of cybercrime activity, according to a group of researchers who said they had documented the company's practices for more than two years. In addition to hosting Web sites that spewed out huge quantities of spam, McColo is alleged to have hosted child pornography and counterfeit pharmaceutical sites, as well as command-and-control servers for some of the Internet's biggest botnets.

McColo was kicked offline after The Washington Post gave the company's upstream service providers information about its alleged hosting activities that the Post had gathered from the security researchers.

Benny Ng, director of infrastructure at Hurricane Electric, an ISP that was one of McColo's service providers, said his company's decision to pull the plug was based solely on what it was given by the Post . According to Ng, the decision was straightforward because what McColo was doing was against Hurricane Electric's terms of service.

The fear of ending up on an Internet blacklist is also a powerful motivator in such cases. The blacklists maintained by StopBadware.org and other groups are used by many security vendors and corporate IT departments as part of their efforts to block spam and malware. As a result, ending up on the lists can have drastic consequences for an ISP or Web site.

Blacklist groups "basically have you over a barrel," said an executive at a hosting firm who asked not to be named. "So yes, we do pay attention to them."

However, in both the McColo and Intercage cases, the only role the security community played was to collect evidence showing that the two companies were hosting clients involved in all sorts of criminal activity, said Garth Bruen, founder of the antispam group KnujOn.

The decisions to pull the plug on the hosting firms were made solely by the upstream service providers, Bruen noted. "That was their choice to do it," he said. "We just gave them the information to help them make up their mind."

What's going on is "a little closer to vigilance than it is to vigilantism," StopBadware.org's Weinstein said in an interview. The security researchers who track alleged bad apples "are not inciting specific action against any company," he added. "What they're doing is publishing data and putting it in front of people who are making these decisions."

Often, though, it's hard to know for sure if a hosting company is complicit in the illegal activities taking place on its networks, or the extent of its culpability if it is aware of them, Weinstein acknowledged. "That's definitely a concern," he said. "But I don't think there's an easy answer to it."

Tags malware

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Jaikumar Vijayan

Computerworld

Comments

Comments are now closed.

Most Popular Reviews

Follow Us

Best Deals on GoodGearGuide

Shopping.com

Latest News Articles

Resources

GGG Evaluation Team

Kathy Cassidy

STYLISTIC Q702

First impression on unpacking the Q702 test unit was the solid feel and clean, minimalist styling.

Anthony Grifoni

STYLISTIC Q572

For work use, Microsoft Word and Excel programs pre-installed on the device are adequate for preparing short documents.

Steph Mundell

LIFEBOOK UH574

The Fujitsu LifeBook UH574 allowed for great mobility without being obnoxiously heavy or clunky. Its twelve hours of battery life did not disappoint.

Andrew Mitsi

STYLISTIC Q702

The screen was particularly good. It is bright and visible from most angles, however heat is an issue, particularly around the Windows button on the front, and on the back where the battery housing is located.

Simon Harriott

STYLISTIC Q702

My first impression after unboxing the Q702 is that it is a nice looking unit. Styling is somewhat minimalist but very effective. The tablet part, once detached, has a nice weight, and no buttons or switches are located in awkward or intrusive positions.

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?